PingAuthorize Server Documentation Index
Command-Line Tool Reference Home

search-logs

Description
Examples
Arguments

Description

Search across log files to extract lines matching the provided patterns, like the 'grep' command-line tool. The benefits of using this tool over grep are its ability to handle multi line log messages, extract log messages within a given time range, and the inclusion of rotated log files.

Examples

Search for the raw string 'loopback' across all log files defined in the configuration, including rotated ones by default: 
search-logs loopback


Search the access log (not including the rotated ones) for any log message that has a non-zero result code or a processing time that took longer than one second (i.e., the millisecond etime value has at least four digits): 
search-logs --useRegex --logFile ../logs/access --excludeRotated \
     --matchAny "resultCode=[1-9]" 'etime=\d{4,}'


Search the configured logs for any error messages from July of this year: 
search-logs --startTime "[01/Jul/2015:00:00:00.000 -0000]" \
     --endTime "[31/Jul/2015:11:59:59.999 -0000]" error


Search the configured logs for any error messages from July of this year using the format used by GC and JSON logs: 
search-logs --startTime 2016-07-01T00:00:00.000-0000 \
     --endTime 2016-07-31T11:59:59.999-0000 error


Search all the configured logs for any error messages between the times indicated by these two timestamped rotated logs: 
search-logs --startTime access.20150723193136Z --endTime access.20150723193138Z \
     error


Find all of the log records associated with a particular operation: 
search-logs conn=1001 op=42

Arguments

-V
--version

Description Display PingAuthorize Server version information

-H
--help

Description Display general usage information

--help-debug

Description Display help for using debug options
Advanced Yes

-f {/path/to/file}
--logFile {/path/to/file}

Description Path to log file to search. All logs defined in configuration are searched by default
Required No
Multi-Valued Yes

--encryptionPassphraseFile {path}

Description The path to a file that contains the passphrase needed to decrypt any encrypted log files that are encountered. If encrypted data is encountered and this is not provided, then the tool will interactively prompt for the encryption passphrase. If a passphrase file is provided, then it must contain exactly one line that consists entirely of the passphrase
Required No
Multi-Valued No

-d {/path/to/dir}
--logDir {/path/to/dir}

Description Path to directory with log files to search. Cannot be used at the same time as logFile
Required No
Multi-Valued Yes

--excludeRotated

Description Will not search through rotated logs

--startTime {timestamp}

Description Only include log messages starting at and after the given time. This can be paired with the --endTime option to restrict matched log lines to a time range. The two major formats are the standard log format of [dd/MMM/yyyy:HH:mm:ss Z] and the JSON format of yyyy-MM-dd'T'hh:mm:ssZ, where Z is a valid time zone offset. Both formats support millisecond resolution by writing .SSS after the seconds field. Additionally, rotated log file names may be used as a timestamp. ex: --startTime access.20150723193137Z
Required No
Multi-Valued No

--endTime {timestamp}

Description Only include log messages ending at and before the given time. This can be paired with the --startTime option to restrict matched log lines to a time range. The two major formats are the standard log format of [dd/MMM/yyyy:HH:mm:ss Z] and the JSON format of yyyy-MM-dd'T'hh:mm:ssZ, where Z is a valid time zone offset. Both formats support millisecond resolution by writing .SSS after the seconds field. Additionally, rotated log file names may be used as a timestamp. ex: --endTime access.20150723193137Z
Required No
Multi-Valued No

-e
--useRegex

Description Search arguments will be treated as regular expressions in the format provided by the java.util.regex.Pattern class. Arguments must be enclosed in quotes

--matchAny

Description Returns log messages that contain any of the defined search patterns. Default behavior is to return log messages that match every defined search pattern

-v {pattern}
--excludePattern {pattern}

Description Returns log messages that do not match the following search patterns. Can be combined with a positive search
Required No
Multi-Valued Yes

--excludeAny

Description Excludes log messages that match any of the exclude patterns. The default is to exclude messages that match all of the exclude patterns

-i
--ignoreCase

Description Search patterns are case sensitive by default. Use this argument to make searches case insensitive. File names will always be case sensitive

--maxLines {integer}

Description Number of lines to read from a log before moving onto the next one. Use this with large log files to limit the size of the output
Lower Bound 1
Required No
Multi-Valued No

-B {integer}
--beforeContext {integer}

Description Include this many lines of context before any log message that is printed
Lower Bound 0
Required No
Multi-Valued No

-h
--noFileName

Description Do not include filename: prefix when printing a log